CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register   Reset Password   Activate Account
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In 2007(Bypass)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2007-6596 20 Bypass 2007-12-31 2008-09-05
5.0
None Remote Low Not required Partial None None
ClamAV 0.92 does not recognize Base64 UUEncoded archives, which allows remote attackers to bypass the scanner via a Base64-UUEncoded file.
2 CVE-2007-6552 22 1 Dir. Trav. Bypass 2007-12-27 2008-11-15
6.0
None Remote Medium Single system Partial Partial Partial
Directory traversal vulnerability in index.php in AuraCMS 2.2 allows remote authenticated users to include and execute arbitrary local files via a .. (dot dot) in the act parameter, possibly involving the news pilih component; as demonstrated by including admin/admin_users.php to bypass a protection mechanism against direct request.
3 CVE-2007-6511 Bypass 2007-12-21 2008-09-05
5.0
None Remote Low Not required Partial None None
Websense Enterprise 6.3.1 allows remote attackers to bypass content filtering by visiting http URLs with a (1) RealPlayer G2, (2) MSMSGS, or (3) StoneHttpAgent User-Agent header, which results in a Non-HTTP categorization.
4 CVE-2007-6434 264 Bypass 2007-12-18 2008-11-15
2.1
None Local Low Not required None None Partial
Linux kernel 2.6.23 allows local users to create low pages in virtual userspace memory and bypass mmap_min_addr protection via a crafted executable file that calls the do_brk function.
5 CVE-2007-6430 287 Bypass 2007-12-19 2008-09-05
4.3
None Remote Medium Not required Partial None None
Asterisk Open Source 1.2.x before 1.2.26 and 1.4.x before 1.4.16, and Business Edition B.x.x before B.2.3.6 and C.x.x before C.1.0-beta8, when using database-based registrations ("realtime") and host-based authentication, does not check the IP address when the username is correct and there is no password, which allows remote attackers to bypass authentication using a valid username.
6 CVE-2007-6414 255 1 Exec Code Bypass 2007-12-17 2008-09-05
7.5
User Remote Low Not required Partial Partial Partial
admin/administrator.php in Adult Script 1.6 and earlier sends a redirect to the web browser but does not exit, which allows remote attackers to bypass authentication and obtain administrative credentials via a direct request. NOTE: this can be leveraged for arbitrary code execution through a request to admin/videolinks_view.php.
7 CVE-2007-6413 264 Bypass 2007-12-17 2008-11-15
9.3
Admin Remote Medium Not required Complete Complete Complete
Sun Solaris 10 with the 120011-04 and 120012-04 patches, and later 120011-* and 120012-* patches, allows remote attackers to bypass certain netgroup restrictions and obtain root access to a filesystem via NFS requests from a client root user.
8 CVE-2007-6398 287 1 Bypass 2007-12-17 2008-11-15
5.0
None Remote Low Not required None Partial None
Flat PHP Board 1.2 and earlier allows remote attackers to bypass authentication and obtain limited access to an arbitrary user account via the fpb_username cookie.
9 CVE-2007-6350 264 Exec Code Bypass 2007-12-14 2011-08-08
8.5
None Remote Medium Single system Complete Complete Complete
scponly 4.6 and earlier allows remote authenticated users to bypass intended restrictions and execute code by invoking dangerous subcommands including (1) unison, (2) rsync, (3) svn, and (4) svnserve, as originally demonstrated by creating a Subversion (SVN) repository with malicious hooks, then using svn to trigger execution of those hooks.
10 CVE-2007-6234 287 1 Bypass 2007-12-04 2008-09-05
10.0
Admin Remote Low Not required Complete Complete Complete
index.php in FTP Admin 0.1.0 allows remote attackers to bypass authentication and obtain administrative access via a loggedin parameter with a value of true, as demonstrated by adding a user account.
11 CVE-2007-6226 287 Bypass 2007-12-04 2008-09-05
7.1
None Remote Medium Not required None None Complete
The American Power Conversion (APC) AP7932 0u 30amp Switched Rack Power Distribution Unit (PDU), with rpdu 3.5.5 and aos 3.5.6, allows remote attackers to bypass authentication and obtain login access by making a login attempt while a different client is logged in, and then resubmitting the login attempt once the other client exits.
12 CVE-2007-6222 264 Bypass 2007-12-04 2008-09-05
6.5
None Remote Low Single system Partial Partial Partial
The CheckCustomerAccess function in functions.php in CRM-CTT Interleave before 4.2.0 (formerly CRM-CTT) does not properly verify user privileges, which allows remote authenticated users with the LIMITTOCUSTOMERS privilege to bypass intended access restrictions and edit non-active user settings. NOTE: some of these details are obtained from third party information.
13 CVE-2007-6200 264 Bypass 2007-12-01 2011-08-23
10.0
None Remote Low Not required Complete Complete Complete
Unspecified vulnerability in rsync before 3.0.0pre6, when running a writable rsync daemon, allows remote attackers to bypass exclude, exclude_from, and filter and read or write hidden files via (1) symlink, (2) partial-dir, (3) backup-dir, and unspecified (4) dest options.
14 CVE-2007-6150 200 Bypass +Info 2007-11-29 2008-11-15
2.1
None Local Low Not required Partial None None
The "internal state tracking" code for the random and urandom devices in FreeBSD 5.5, 6.1 through 6.3, and 7.0 beta 4 allows local users to obtain portions of previously-accessed random values, which could be leveraged to bypass protection mechanisms that rely on secrecy of those values.
15 CVE-2007-6145 287 Bypass 2007-11-27 2008-11-15
5.0
None Remote Low Not required Partial None None
Unspecified vulnerability in Hitachi JP1/File Transmission Server/FTP 01-00 through 08-10-01 allows remote attackers to bypass authentication and "view files" via unspecified vectors.
16 CVE-2007-6130 287 Bypass 2007-11-26 2008-09-05
5.0
None Remote Low Not required Partial None None
gnump3d 2.9final does not apply password protection to its plugins, which might allow remote attackers to bypass intended access restrictions.
17 CVE-2007-6056 264 Bypass 2007-11-20 2008-11-15
5.0
None Remote Low Not required Partial None None
frame.html in Aida-Web (Aida Web) allows remote attackers to bypass a protection mechanism and obtain comment and task details via modified values to the (1) Mehr and (2) SUPER parameters.
18 CVE-2007-6013 287 Bypass 2007-11-19 2011-03-09
6.8
User Remote Medium Not required Partial Partial Partial
Wordpress 1.5 through 2.3.1 uses cookie values based on the MD5 hash of a password MD5 hash, which allows attackers to bypass authentication by obtaining the MD5 hash from the user database, then generating the authentication cookie from that hash.
19 CVE-2007-6011 287 Bypass 2007-11-15 2008-09-05
10.0
Admin Remote Low Not required Complete Complete Complete
Unspecified vulnerability in main.php of BugHotel Reservation System before 4.9.9 P3 allows remote attackers to bypass authentication and gain administrative access via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
20 CVE-2007-5987 264 Bypass 2007-11-14 2008-11-15
6.8
User Remote Medium Not required Partial Partial Partial
details.php in BtiTracker before 1.4.5, when torrent viewing is disabled for guests, allows remote attackers to bypass protection mechanisms via a direct request, as demonstrated by (1) reading the details of an arbitrary torrent and (2) modifying a torrent owned by a guest.
21 CVE-2007-5960 22 Dir. Trav. Bypass CSRF 2007-11-26 2010-08-21
4.3
None Remote Medium Not required None Partial None
Mozilla Firefox before 2.0.0.10 and SeaMonkey before 1.1.7 sets the Referer header to the window or frame in which script is running, instead of the address of the content that initiated the script, which allows remote attackers to spoof HTTP Referer headers and bypass Referer-based CSRF protection schemes by setting window.location and using a modal alert dialog that causes the wrong Referer to be sent.
22 CVE-2007-5920 22 Dir. Trav. Bypass 2007-11-09 2008-11-15
6.8
User Remote Medium Not required Partial Partial Partial
index.php in Domenico Mancini PicoFlat CMS before 0.4.18 allows remote attackers to include certain files via unspecified vectors, possibly due to a directory traversal vulnerability. NOTE: this can be leveraged to bypass authentication and upload files by including pico_insert.php or unspecified other administrative scripts. NOTE: some of these details are obtained from third party information.
23 CVE-2007-5900 264 Bypass 2007-11-20 2009-02-05
6.9
Admin Local Medium Not required Complete Complete Complete
PHP before 5.2.5 allows local users to bypass protection mechanisms configured through php_admin_value or php_admin_flag in httpd.conf by using ini_set to modify arbitrary configuration variables, a different issue than CVE-2006-4625.
24 CVE-2007-5862 287 Bypass 2007-12-18 2008-09-05
9.4
None Remote Low Not required Complete Complete None
Java in Mac OS X 10.4 through 10.4.11 allows remote attackers to bypass Keychain access controls and add or delete arbitrary Keychain items via a crafted Java applet.
25 CVE-2007-5845 94 2 Dir. Trav. Bypass 2007-11-06 2008-11-15
7.5
User Remote Low Not required Partial Partial Partial
Directory traversal vulnerability in error.php in GuppY 4.6.3, 4.5.16, and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the id parameter. NOTE: this can be leveraged to bypass authentication and upload arbitrary files by including admin/inc/upload.inc and specifying certain multipart/form-data input for admin/inc/upload.inc.
26 CVE-2007-5797 287 Bypass 2007-11-02 2008-11-15
7.5
User Remote Low Not required Partial Partial Partial
SQLLoginModule in Apache Geronimo 2.0 through 2.1 does not throw an exception for a nonexistent username, which allows remote attackers to bypass authentication via a login attempt with any username not contained in the database.
27 CVE-2007-5795 Bypass 2007-11-02 2008-11-15
6.3
None Local Medium Not required None Complete Complete
The hack-local-variables function in Emacs before 22.2, when enable-local-variables is set to :safe, does not properly search lists of unsafe or risky variables, which might allow user-assisted attackers to bypass intended restrictions and modify critical program variables via a file containing a Local variables declaration.
28 CVE-2007-5738 20 Bypass 2007-10-30 2008-11-15
6.8
User Remote Medium Not required Partial Partial Partial
The FlashUpload component in Korean GHBoard uses a client-side protection mechanism to prevent uploading of dangerous file extensions, which allows remote attackers to bypass restrictions and upload arbitrary files via a modified copy of component/flashupload/upload.html.
29 CVE-2007-5701 310 Bypass +Info 2007-10-29 2008-11-15
2.1
None Local Low Not required Partial None None
Incomplete blacklist vulnerability in the Certificate Authority (CA) in IBM Lotus Domino before 7.0.3 allows local users, or attackers with physical access, to obtain sensitive information (passwords) when an administrator enters a "ca activate" or "ca unlock" command with any uppercase character, which bypasses a blacklist designed to suppress password logging, resulting in cleartext password disclosure in the console log and Admin panel.
30 CVE-2007-5667 20 +Priv Bypass 2007-11-13 2008-11-15
7.2
None Local Low Not required Complete Complete Complete
NWFILTER.SYS in Novell Client 4.91 SP 1 through SP 4 for Windows 2000, XP, and Server 2003 makes the \.\nwfilter device available for arbitrary user-mode input via METHOD_NEITHER IOCTLs, which allows local users to gain privileges by passing a kernel address as an argument and overwriting kernel memory locations.
31 CVE-2007-5653 78 1 Bypass 2007-10-23 2008-09-05
9.3
None Remote Medium Not required Complete Complete Complete
The Component Object Model (COM) functions in PHP 5.x on Windows do not follow safe_mode and disable_functions restrictions, which allows context-dependent attackers to bypass intended limitations, as demonstrated by executing objects with the kill bit set in the corresponding ActiveX control Compatibility Flags, executing programs via a function in compatUI.dll, invoking wscript.shell via wscript.exe, invoking Scripting.FileSystemObject via wshom.ocx, and adding users via a function in shgina.dll, related to the com_load_typelib function.
32 CVE-2007-5597 264 Bypass 2007-10-19 2008-09-05
4.3
None Remote Medium Not required None Partial None
The hook_comments API in Drupal 4.7.x before 4.7.8 and 5.x before 5.3 does not pass publication status, which might allow attackers to bypass access restrictions and trigger e-mail with unpublished comments from some modules, as demonstrated by (1) Organic groups and (2) Subscriptions.
33 CVE-2007-5578 287 Bypass 2007-10-18 2008-09-05
7.5
User Remote Low Not required Partial Partial Partial
Basic Analysis and Security Engine (BASE) before 1.3.8 sends a redirect to the web browser but does not exit, which allows remote attackers to bypass authentication via (1) base_main.php, (2) base_qry_alert.php, and possibly other vectors.
34 CVE-2007-5571 264 Bypass 2007-10-18 2008-09-05
6.8
None Remote Medium Not required Partial Partial Partial
Cisco Firewall Services Module (FWSM) 3.1(6), and 3.2(2) and earlier, does not properly enforce edited ACLs, which might allow remote attackers to bypass intended restrictions on network traffic, aka CSCsj52536.
35 CVE-2007-5549 200 Bypass +Info 2007-10-18 2008-11-15
2.1
None Local Low Not required Partial None None
Unspecified vulnerability in Command EXEC in Cisco IOS allows local users to bypass command restrictions and obtain sensitive information via an unspecified "variation of an IOS command" involving "two different methods", aka CSCsk16129. NOTE: as of 20071016, the only disclosure is a vague pre-advisory with no actionable information. However, since it is from a well-known researcher, it is being assigned a CVE identifier for tracking purposes.
36 CVE-2007-5540 20 Bypass 2007-10-17 2012-06-07
7.5
None Remote Low Not required Partial Partial Partial
Unspecified vulnerability in Opera before 9.24 allows remote attackers to overwrite functions on pages from other domains and bypass the same-origin policy via unknown vectors.
37 CVE-2007-5502 310 Bypass 2007-12-01 2008-09-05
6.4
None Remote Low Not required Partial Partial None
The PRNG implementation for the OpenSSL FIPS Object Module 1.1.1 does not perform auto-seeding during the FIPS self-test, which generates random data that is more predictable than expected and makes it easier for attackers to bypass protection mechanisms that rely on the randomness.
38 CVE-2007-5456 94 Bypass 2007-10-14 2008-09-05
7.5
User Remote Low Not required Partial Partial Partial
Microsoft Internet Explorer 7 and earlier allows remote attackers to bypass the "File Download - Security Warning" dialog box and download arbitrary .exe files by placing a '?' (question mark) followed by a non-.exe filename after the .exe filename, as demonstrated by (1) .txt, (2) .cda, (3) .log, (4) .dif, (5) .sol, (6) .htt, (7) .itpc, (8) .itms, (9) .dvr-ms, (10) .dib, (11) .asf, (12) .tif, and unspecified other extensions, a different issue than CVE-2004-1331. NOTE: this issue might not cross privilege boundaries, although it does bypass an intended protection mechanism.
39 CVE-2007-5447 264 1 Bypass 2007-10-14 2008-11-15
4.3
None Remote Medium Not required Partial None None
ioncube_loader_win_5.2.dll in the ionCube Loader 6.5 extension for PHP 5.2.4 does not follow safe_mode and disable_functions restrictions, which allows context-dependent attackers to bypass intended limitations, as demonstrated by reading arbitrary files via the ioncube_read_file function.
40 CVE-2007-5424 Bypass 2007-10-12 2008-09-05
7.5
User Remote Low Not required Partial Partial Partial
The disable_functions feature in PHP 4 and 5 allows attackers to bypass intended restrictions by using an alias, as demonstrated by using ini_alter when ini_set is disabled.
41 CVE-2007-5384 352 Bypass CSRF 2007-10-11 2008-09-05
4.3
None Remote Medium Not required None Partial None
Multiple cross-site request forgery (CSRF) vulnerabilities in the Thomson/Alcatel SpeedTouch 7G router, as used for the BT Home Hub 6.2.6.B and earlier, allow remote attackers to perform actions as administrators via unspecified POST requests, as demonstrated by enabling an inbound remote-assistance HTTPS session on TCP port 51003. NOTE: an authentication bypass can be leveraged to exploit this in the absence of an existing administrative session. NOTE: SpeedTouch 780 might also be affected by some of these issues.
42 CVE-2007-5383 287 Bypass CSRF 2007-10-11 2008-10-11
10.0
Admin Remote Low Not required Complete Complete Complete
The Thomson/Alcatel SpeedTouch 7G router, as used for the BT Home Hub 6.2.6.B and earlier, allows remote attackers on an intranet to bypass authentication and gain administrative access via vectors including a '/' (slash) character at the end of the PATH_INFO to cgi/b, aka "double-slash auth bypass." NOTE: remote attackers outside the intranet can exploit this by leveraging a separate CSRF vulnerability. NOTE: SpeedTouch 780 might also be affected by some of these issues.
43 CVE-2007-5227 79 XSS Bypass 2007-10-05 2010-08-30
4.3
None Remote Medium Not required None Partial None
Multiple cross-site scripting (XSS) vulnerabilities in messaging/course/composeMessage.jsp in BlackBoard Learning System 6.3.1.593 and earlier in BlackBoard Academic Suite allow remote attackers to inject arbitrary web script or HTML via the (1) subject_t and (2) body_text parameters. NOTE: vector 2 requires bypassing a client-side security mechanism that attempts to block XSS sequences.
44 CVE-2007-5210 264 Bypass 2007-10-04 2008-09-05
6.0
None Remote Medium Single system Partial Partial Partial
Arbor Networks Peakflow SP before 3.5.1 patch 14, and 3.6.x before 3.6.1 patch 5, allows remote authenticated users to bypass access restrictions and read or write unspecified data via unknown vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
45 CVE-2007-5143 Bypass 2007-10-01 2008-11-15
1.9
None Local Medium Not required None Partial None
F-Secure Anti-Virus for Windows Servers 7.0 64-bit edition allows local users to bypass virus scanning by using the system32 directory to store a crafted (1) archive or (2) packed executable. NOTE: in many environments, this does not cross privilege boundaries because any process able to write to system32 could also shut off F-Secure Anti-Virus.
46 CVE-2007-5113 287 Bypass +Info 2007-09-26 2008-11-15
5.0
None Remote Low Not required Partial None None
report.cgi in Google Urchin allows remote attackers to bypass authentication and obtain sensitive information (web server logs) via certain modified query parameters, as demonstrated using the profile, rid, prefs, n, vid, bd, ed, dt, and gtype parameters, a different vulnerability than CVE-2007-5112.
47 CVE-2007-5085 287 Bypass 2007-09-26 2008-11-15
5.0
None Remote Low Not required Partial None None
Unspecified vulnerability in the management EJB (MEJB) in Apache Geronimo before 2.0.2 allows remote attackers to bypass authentication and obtain "access to Geronimo internals" via unspecified vectors.
48 CVE-2007-5079 Bypass 2007-09-24 2010-09-03
6.0
User Remote Medium Single system Partial Partial Partial
Red Hat Enterprise Linux 4 does not properly compile and link gdm with tcp_wrappers on x86_64 platforms, which might allow remote attackers to bypass intended access restrictions.
49 CVE-2007-5057 287 Bypass 2007-09-24 2008-09-05
10.0
Admin Remote Low Not required Complete Complete Complete
NetSupport Manager Client before 10.20.0004 allows remote attackers to bypass the (1) basic and (2) authentication schemes by spoofing the NetSupport Manager.
50 CVE-2007-5038 264 Bypass 2007-09-23 2008-09-05
7.5
User Remote Low Not required Partial Partial Partial
The offer_account_by_email function in User.pm in the WebService for Bugzilla before 3.0.2, and 3.1.x before 3.1.2, does not check the value of the createemailregexp parameter, which allows remote attackers to bypass intended restrictions on account creation.
Total number of vulnerabilities : 267   Page : 1 (This Page)2 3 4 5 6
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.